Access and integrity control in a public-access, high-assurance configuration management system

Proceedings of the 11th USENIX Security Symposium

Volumn , Issue , 2002, Pages

  Shapiro, Jonathan S ^a   Vanderburgh, John ^a  

^a JOHNS HOPKINS UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS CONTROL; NETWORK SECURITY;

CONFIGURATION MANAGEMENT SYSTEMS; DEVELOPMENT ACTIVITY; DISTRIBUTED SYSTEMS; HIGH ASSURANCE SYSTEMS; INFORMATION ARCHITECTURES; INTEGRITY PRESERVATIONS; OPEN SOURCE PROJECTS; SECURITY REQUIREMENTS;

OPEN SYSTEMS;

EID: 85084164523     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (20)

1. [Ber90] B. Berliner. CVS II: Parallelizing software development. In Proceedings of the USENIX Winter 1990 Technical Conference, pages 341–352, Berkeley, CA, 1990. USENIX Association.
2. [Clo98] Tyler Close. Droplets, 1998.
3. [CS02] Ben Collins-Sussman. The subversion project: Building a better cvs. The Linux Journal, February 2002.
4. [DA99] T. Dierks and C. Allen. The TLS protocol version 1.0, January 1999. Internet RFC 2246.
5. [Dav01] Don Davis. Defective sign & encrypt in S/MIME, PKCS7, MOSS, PEM, PGP, and XML. In Proc. 2001 USENIX Technical Conference, Boston, MA, June 2001. USENIX Association.
6. [dHHW96] A. Van der Hoek, D. Heimbigner, and A. Wolf. A generic peer-to-peer repository for distributed configuration management. In Proc. 18th International Conference on Software Engineering, Berlin, Germiny, March 1996.
7. [FK89] David C. Feldmeier and Philip R. Karn. UNIX password security - ten years later. In CRYPTO, pages 44–63, 1989.
8. [Hal94] Neil M. Haller. The S/KEY one-time password system. In Proceedings of the Symposium on Network and Distributed System Security, pages 151–157, 1994.
9. [ISO98] Common Criteria for Information Technology Security. International Standards Organization, 1998. International Standard ISO/IS 15408, Final Committee Draft, version 2.0.
10. [MAM95] Daniel L. Mcdonald, Randall J. Atkinson, and Craig Metz. One time passwords in everything (opie): Experiences with building and using stronger authentication. In Proc. 5th USENIX Security Symposium, Salt Lake City, UT, 1995.
11. [MMF00] Mark S. Miller, Chip Morningstar, and Bill Frantz. Capability-based financial instruments. In Proc. Financial Cryptography 2000, Anguila, BWI, 2000. Springer-Verlag.
12. [MT79] Robert Morris and Ken Thompson. Password security: A case history. CACM, 22(11):594–597, 1979.
13. [Pol96] J. Polstra. Program source for cvsup, 1996.
14. [Ree96] Jonathan A. Rees. A security kernel based on the lambda-calculus. Technical Report AIM-1564, 1996.
15. [Sha02] Jonathan S. Shapiro. CPCMS: A configuration management system based on cryptographic names. In Proc. FREENIX Track of the 2002 USENIX Annual Technical Conference. USENIX Association, 2002.
16. [SMTH91] Jonathan S. Shapiro, Mark Miller, Dean Tribble, and Chris Hibbert. The Xanadu Developer’s Guide. Palo Alto, CA, USA, 1991.
17. [SSF99] Jonathan S. Shapiro, Jonathan M. Smith, and David J. Farber. EROS: A fast capability system. In Proc. 17th ACM Symposium on Operating Systems Principles, pages 170–185, Kiawah Island Resort, near Charleston, SC, USA, December 1999. ACM.
18. [WG] E. James Whitehead, Jr. and Yaron Y. Goland. WebDAV: A network protocol for remote collaborative authoring on the web. In Proc. of the Sixth European Conf. on Computer Supported Cooperative Work (ECSCW’99), Copenhagen, Denmark, September 12-16, 1999, pages 291–310.
19. [Wu99] Thomas Wu. A real-world analysis of kerberos password security. In Proc. 1999 Internet Society Network and Distributed System Security Symposium, February 1999.
20. [Ylo96] Tatu Ylonen. SSH — secure login connections over the Internet. pages 37–42, 1996.